<!DOCTYPE html>

<html xmlns:th="http://www.thymeleaf.org">

    <div class="lesson-page-wrapper">
        <div class="adoc-content" th:replace="doc:InsecureDeserialization_Intro.adoc"></div>
    </div>

    <div class="lesson-page-wrapper">
        <div class="adoc-content" th:replace="doc:InsecureDeserialization_WhatIs.adoc"></div>
    </div>

    <div class="lesson-page-wrapper">
        <div class="adoc-content" th:replace="doc:InsecureDeserialization_SimpleExploit.adoc"></div>
    </div>

    <div class="lesson-page-wrapper">
        <div class="adoc-content" th:replace="doc:InsecureDeserialization_GadgetChain.adoc"></div>
    </div>

    <div class="lesson-page-wrapper">
        <!-- stripped down without extra comments -->
        <div class="adoc-content" th:replace="doc:InsecureDeserialization_Task.adoc"></div>
        <div class="attack-container">
            <div class="assignment-success"><i class="fa fa-2 fa-check hidden" aria-hidden="true"></i></div>
            <script th:src="@{/lesson_js/credentials.js}"
                    language="JavaScript"></script>
            <form class="attack-form" accept-charset="UNKNOWN" name="task"
                  method="POST"
                  action="/WebGoat/InsecureDeserialization/task"
                  enctype="application/json;charset=UTF-8">

                <input type="textarea" rows="4" cols="40" value="" name="token" placeholder="token"/>
                <input type="submit" value="Submit" />

            </form>
            <div class="attack-feedback"></div>
            <div class="attack-output"></div>
        </div>
    </div>
</html>
